ID de Prueba:	1.3.6.1.4.1.25623.1.0.880687
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for bind CESA-2009:1620 centos5 i386
Resumen:	The remote host is missing an update for the 'bind'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'bind' package(s) announced via the referenced advisory. Vulnerability Insight: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named), a resolver library (routines for applications to use when interfacing with DNS), and tools for verifying that the DNS server is operating correctly. Michael Sinatra discovered that BIND was incorrectly caching responses without performing proper DNSSEC validation, when those responses were received during the resolution of a recursive client query that requested DNSSEC records but indicated that checking should be disabled. A remote attacker could use this flaw to bypass the DNSSEC validation check and perform a cache poisoning attack if the target BIND server was receiving such client queries. (CVE-2009-4022) All BIND users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically. Affected Software/OS: bind on CentOS 5 Solution: Please install the updated packages. CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4022 1021660 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1 1021798 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1 37118 http://www.securityfocus.com/bid/37118 37426 http://secunia.com/advisories/37426 37491 http://secunia.com/advisories/37491 38219 http://secunia.com/advisories/38219 38240 http://secunia.com/advisories/38240 38794 http://secunia.com/advisories/38794 38834 http://secunia.com/advisories/38834 39334 http://secunia.com/advisories/39334 40730 http://secunia.com/advisories/40730 60493 http://osvdb.org/60493 ADV-2009-3335 http://www.vupen.com/english/advisories/2009/3335 ADV-2010-0176 http://www.vupen.com/english/advisories/2010/0176 ADV-2010-0528 http://www.vupen.com/english/advisories/2010/0528 ADV-2010-0622 http://www.vupen.com/english/advisories/2010/0622 APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html FEDORA-2009-12218 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html FEDORA-2009-12233 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html IZ68597 http://www.ibm.com/support/docview.wss?uid=isg1IZ68597 IZ71667 http://www.ibm.com/support/docview.wss?uid=isg1IZ71667 IZ71774 http://www.ibm.com/support/docview.wss?uid=isg1IZ71774 MDVSA-2009:304 http://www.mandriva.com/security/advisories?name=MDVSA-2009:304 RHSA-2009:1620 http://www.redhat.com/support/errata/RHSA-2009-1620.html USN-888-1 http://www.ubuntu.com/usn/USN-888-1 VU#418861 http://www.kb.cert.org/vuls/id/418861 [oss-security] 20091124 CVE request: BIND 9 bug involving DNSSEC and the additional section http://www.openwall.com/lists/oss-security/2009/11/24/2 [oss-security] 20091124 Re: a new bind issue http://www.openwall.com/lists/oss-security/2009/11/24/8 [oss-security] 20091124 a new bind issue http://www.openwall.com/lists/oss-security/2009/11/24/1 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://lists.vmware.com/pipermail/security-announce/2010/000082.html bind-dnssec-cache-poisoning(54416) https://exchange.xforce.ibmcloud.com/vulnerabilities/54416 ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc http://support.apple.com/kb/HT5002 http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 https://bugzilla.redhat.com/show_bug.cgi?id=538744 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488 https://issues.rpath.com/browse/RPL-3152 https://www.isc.org/advisories/CVE-2009-4022v6 https://www.isc.org/advisories/CVE2009-4022 oval:org.mitre.oval:def:10821 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821 oval:org.mitre.oval:def:11745 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745 oval:org.mitre.oval:def:7261 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261 oval:org.mitre.oval:def:7459 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.